c_cpp B3_A_カーネルハック课题3システムコール编

Posted 2021-05-14

#include <linux/syscalls.h>
#include <linux/uaccess.h>
#include <linux/slab.h>
#include <linux/errno.h>
int do_new_syscall(int *nums, int length)
{
        int *buf;
        long copied;
        int list_size = length * sizeof(int);

        buf = kmalloc(list_size, GFP_KERNEL);
        if (buf==NULL){
                printk("new_systemcall: kmalloc fails");
                return -EFAULT;
        }
        if (!access_ok(VERIFY_WRITE, nums, list_size)){
                return -EADDRNOTAVAIL;
        }

        copied = copy_from_user(buf, nums, list_size);
        if (copied < 0 || copied == list_size){
                return -EFAULT;
        }

        int i;
        for (i = 0; i < length; i++){
                buf[i] += 10;
        }
        copied = copy_to_user(nums, buf, list_size);
        kfree(buf);
        return 0;
}
SYSCALL_DEFINE2(new_syscall, int *, nums, int , length)
{
        printk("new_syscall added!! length is %d", length);
        return do_new_syscall(nums, length);
}

//new_syscall.h

#ifndef __LINUX_NEW_SYSCALL_H
#define __LINUX_NEW_SYSCALL_H
#include "unistd_64.h"
#include <asm/unistd.h>
#include <sys/syscall.h>

#define new_syscall(nums, n) syscall(__NR_new_syscall, nums, n)
//inline static int new_syscall(int *nums, size_t n){
//    return syscall(__NR_new_syscall, nums, n) ? errno : 0;
//}
#endif

//new_syscall.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <limits.h>
#include "new_syscall.h"

#define INIT_VAL 10
#define BUF_SIZE 10
int main()
{
    int *buf = (int*)malloc(sizeof(int) * BUF_SIZE);
    int i;
    for (i = 0; i < BUF_SIZE; i++){
        buf[i] = INIT_VAL;
    }

    int ret = new_syscall(NULL, BUF_SIZE);                        // NULL pointer
    //int ret = new_syscall((int *)0xfffffc0000000000, BUF_SIZE); // access_ok fails
    //int ret = new_syscall(buf, BUF_SIZE);                       // kmalloc fails 
    if (ret < 0) {
        printf("errono is -> %d\n",errno);
        goto error;

        // copy_from_user fails
        // int ret = new_syscall((int *)0xffffffffffff, 20);
    }else{
        for (i = 0; i < BUF_SIZE; i++){
            printf("%d ", buf[i]);
        }
        printf("\n");
    }

    return 0;
error:
    return -1;
}

//new_syscall.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <limits.h>
#include "new_syscall.h"

#define BUF_SIZE 10
int main()
{
    int *buf = (int*)malloc(sizeof(int) * BUF_SIZE);
    int i;
    for (i = 0; i < BUF_SIZE; i++){
        buf[i] = i;
        printf("%d ", buf[i]);
    }
    printf("\n");
    fflush(stdout);

    int ret = new_syscall(buf, BUF_SIZE);
    if (ret < 0) {
        printf("errono is -> %d\n",errno);
        goto error;
    }else{
        for (i = 0; i < BUF_SIZE; i++){
            printf("%d ", buf[i]);
        }
        printf("\n");
    }

    return 0;
error:
    return -1;
}

#include <linux/syscalls.h>
#include <linux/uaccess.h>
#include <linux/slab.h>
#include <linux/errno.h>

int do_new_syscall(int *nums, size_t n)
{
        int i;
        int *buf;
        int size = n * sizeof(int);

        long copied;

        if (nums == NULL){
                printk("%s: nums is null pointer\n", __func__);
                goto bad_address;
        }

        if (!access_ok(VERIFY_WRITE, nums, size)){
                printk("%s: access_ok fails\n", __func__);
                goto bad_address;
        }

        buf = kmalloc(size, GFP_KERNEL);
        if (buf == NULL){
                printk("%s: kmalloc fails\n", __func__);
                goto out_of_memory;
        }

        copied = copy_from_user(buf, nums, size);
        if (copied < 0 || copied == size){
                printk("%s: copy_from_user fails\n", __func__);
                kfree(buf);
                goto bad_address;
        }

        for (i = 0; i < n; i++){
                if (buf[i] > INT_MAX-10) {
                        printk("%s: List elements must be INT_MAX-10 or less\n", __func__);
                        kfree(buf);
                        goto invalid_argument;
                }
                buf[i] += 10;
        }

        copied = copy_to_user(nums, buf, size);
        if (copied < 0 || copied == size){
                printk("%s: copy_from_user fails\n", __func__);
                kfree(buf);
                goto bad_address;
        }

        kfree(buf);
        return 0;
bad_address:
        return -EFAULT;
out_of_memory:
        return -ENOMEM;
invalid_argument:
        return -EINVAL;
}
SYSCALL_DEFINE2(new_syscall, int *, nums, size_t , n)
{
        printk("new_syscall is called: n is %zu", n);
        return do_new_syscall(nums, n);
}